Senior Director, Cyber Threat Assessment Leader

Job Description

Refinitiv is looking for a few highly skilled cyber security specialists to help staff a new location in the central business district of downtown Hoboken. This new facility will be home to a number of critical cyber security disciplines, designed to improve the overall security posture of Refinitiv- including its assets, data and operations. Be part of an exciting, fast-paced environment that will help Refinitiv strength.

Refinitiv's Information Security & Risk Management (ISRM) team is looking for a dynamic leader to help build and grow it's global Cyber Threat Assessment function. This role will be responsible for all aspects of penetration testing and Red Team activities at Refinitiv You will establish a strong team of penetration testers and Red Team analysts to help evaluate the security posture of Thomson Reuters assets against advanced cyber attacking techniques and methodologies. In addition, you will collaborate with a broad range government, industry and internal relationships to help improve the overall quality of Thomson Reuter's defenses.

You should have a deep understanding of cyber attacks and the process of leading them, the spectrum and state of current malware, intrusion techniques & hacking - from amateur to Advanced Persistent Threat (APT). You should have a demonstrated experience successfully leading a global team, as well as coordinating with cyber intelligence, cyber threat detection, incident management and security operations counterparts. You should have direct experience and effectiveness communicating across different tiers... from technologists to the 'C' suite.

Essential Responsibilities:

  • Build and lead our global Cyber Threat Assessment function including the Penetration Testing and Red Teams
  • Assist in the build out and staffing of the new Refinitiv Cyber Fusion Center in Hoboken, NJ
  • Serve as the principle point of contact for Cyber Threat Assessment intake, liaising across Legal, IT, Product, Communications and Security teams
  • Experience with local and multiple country regulations governing incident response processing and handling of sensitive data
  • Lead the Cyber Threat Assessment team according to best practices, maintaining a standard of the highest quality & confidentiality
  • Mentors other managers and analysts in penetration testing and Red Team disciplines
  • Coordinate critical, sensitive cyber threat simulation activities, assessments & audits spanning multiple geographies
  • Conduct briefings on sensitive penetration tests and red team engagements to a broad spectrum of audiences, ranging from Senior Executive management to IT Leadership
  • Research emerging vulnerabilities and develop proof-of-concept code in a laboratory setting
  • Develop custom tools to support penetration testing as required
  • Assist in technical assessments of wired and wireless network assets
  • Assist in physical and social assessments of target sites in support of technical assessments
  • Make recommendations concerning the overall improvement of the security posture through the proactive discovery of security weaknesses using penetration-testing techniques.

  • Bachelor's degree from an accredited college in a related discipline, or equivalent experience/combined education
  • 6+ years of experience in the cyber threat assessment domain (penetration testing and/or Red Teaming)
  • 3+ years of management experience leading a high performing cyber threat assessment team
  • Strong verbal & written communication skills
  • Strong critical thinking and group facilitation skills, specifically in large or complex problem settings
  • Experience with execution of a variety of penetration testing assessments and vulnerability assessments to include network penetration testing, web application penetration testing, mobile device penetration testing, IoT testing as well as physical and social engineering exercises.
  • Knowledge of the cyber threat landscape to include Advanced Persistent Threats, Cyber Crime, Hacktivism; specifically, the tactics, techniques and procedures they apply to a cyber-threat attack.
  • Knowledge and understanding of attack method types and their usage in targeted attacks such as phishing, malware implantation, perimeter vulnerabilities, application vulnerabilities, lateral movement, etc.
  • Strong skills in various operating systems and enterprise platforms to include: Windows, Linux/Unix, Mac OS, iOS, Android, Active Directory, .Net framework, Oracle business products, SAP, etc.
  • Experience developing vulnerability reports with detailed finding descriptions, test case reproduction steps, and prioritized recommendations.
  • Demonstrated ability to attract and develop cyber security talent
  • Industry or sector leadership in designing and improving the field of penetration testing and red teaming
  • Hands-on experience conducting advanced persistent threat (APT) simulations in a global network setting
  • Change agent with ability to drive accountability & outcomes across a diverse threat landscape
  • Strong business acumen & successful track record in aligning with customers
  • A strong cross-functional team player with ability to lead and coach others in a matrix structure, across time zone and national boundaries

Desired Characteristics:

  • Certified Penetration Tester (CPT) or GIAC Penetration Tester (GPEN)
  • Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)

The Financial and Risk Business of Thomson Reuters is now Refinitiv. Refinitiv equips the financial community with access to an open platform that uncovers opportunity and catalyzes change. With a dynamic combination of data, insights, technology, and news from Reuters, our customers can access solutions for every challenge, including a breadth of applications, tools, and content-all supported by human expertise. At Refinitiv, we facilitate the connections that propel people and organizations to find new possibilities to move forward.

As a global business, we rely on diversity of culture and thought to deliver on our goals. Therefore we seek talented, qualified employees in all our operations around the world-regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Refinitiv is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.

Intrigued by a challenge as large and fascinating as the world itself? Come join us.

Hoboken-New Jersey-United States of America

Back to top